Security vulnerabilities and automated fixes for proxy server issues
1 post found
A critical buffer overflow vulnerability was discovered and patched in the ShadowsockR proxy server, where attacker-controlled network packet data was used directly as the byte count in memory copy operations without bounds checking. This class of vulnerability allows remote attackers to corrupt server memory, potentially enabling arbitrary code execution or denial of service. The fix adds proper bounds validation before any memory copy operation involving network-supplied length values.